Blogs

MISP 2.4.130 released (Various fixes, performance improvements and new features)

August 21, 2020

MISP 2.4.130 released

A new version of MISP (2.4.130) has been released with performance improvements, multiple bugs fixed and new features.

Continue reading

MISP service monitoring (and a bit of healing) with OpenNMS

By Sascha Rommelfangen

August 18, 2020

MISP service monitoring (and a bit of healing) with OpenNMS

Introduction:

Many organisations adore how quick and easy MISP can be set up. Once it’s running, people start integrating it into their processes and begin to rely on it, for instance by exporting indicators and using them in security or network focused software. Usually this is the time when MISP becomes a fundamental part in the portfolio of fighting attacks, and the need for reliability grows rapidly.

Continue reading

Creating a MISP Galaxy, 101

By Koen Van Impe

July 31, 2020

MISP Galaxies

MISP Galaxies and Clusters are an easy way to add context to data. Compared to the relatively simple concept of tags and taxonomies, they allow you to add more complex data structures. There is already a large list of galaxies and clusters available as a community effort, and directly accessible within MISP, but it’s always possible these do not fully address your needs.

Continue reading

Publishing open data from MISP

July 30, 2020

Publish data on Open data portals with MISP

The Open data format

Open data defines the idea of making some data freely available for everyone to use with a possibility of redistribution in any form. The open data format provides metadata information describing the datasets along with resources stored within the portal.

Continue reading

MISP 2.4.129 released (merge event improved, event block rule system, security fixes and many bugs fixed)

July 28, 2020

MISP 2.4.129 released

A new version of MISP (2.4.129) has been released with an improved merge functionality, a new event block rule system, many security fixes and bugs fixed.

Continue reading

MISP 2.4.128 released (STIX import/export refactored release edition)

June 24, 2020

MISP 2.4.128 released

A new version of MISP (2.4.128) has been released with a significant refactoring of the STIX import/export along with many improvements and bugs fixed.

Continue reading

MISP 2.4.127 released (decay updates release edition)

June 19, 2020

MISP 2.4.127 released

A new version of MISP (2.4.127) has been released with an improved version of attributes decaying, new set of widgets, many improvements and bugs fixed.

Continue reading

MISP 2.4.126 released (Spring release edition)

June 4, 2020

MISP 2.4.126 released

A new version of MISP (2.4.126) has been released a while ago, though we have forgotten to publish a blog post about it - thanks to @coolacid for the reminder. This version includes a security fix and various quality of life improvements.

Continue reading

MISP 2.4.125 released (aka self-registration feature and feed improvements release)

May 6, 2020

MISP 2.4.125 released

A new version of MISP (2.4.125) has been released. This version includes various improvements including a major refactoring of the feed system, the addition of OTP, a new inbox system to allow for self-registration, sightings in the timeline visualisation and many more improvements.

Continue reading

MISP 2.4.124 released (aka the dashboard, auditing improvements)

April 6, 2020

MISP 2.4.124 released

A new version of MISP (2.4.124) has been released. This version includes various improvements including a new multiline widgets in the dashboard, auditing improvements and many bugs fixed.

Continue reading

Cogsec Collab MISP Community - sharing group dedicated to misinformation and information campaigns

By VVX7

March 27, 2020

We’re proud to announce the CogSec Collab MISP Community - the first public MISP sharing group dedicated to misinformation and information campaigns.

Continue reading

MISP 2.4.123 released (aka the dashboard and security fix release)

March 10, 2020

MISP 2.4.123 released

A new version of MISP (2.4.123) has been released. This version includes various security related fixed, and a new Dashboard system.

Continue reading

MISP 2.4.122 released (aka the bug fix release)

February 18, 2020

MISP 2.4.122 released

A new version of MISP (2.4.122) has been released. This version includes various fixes, minor new features and improvements.

Continue reading

MISP 2.4.121 released (aka the security release)

February 12, 2020

MISP 2.4.121 released

A new version of MISP (2.4.121) has been released. This version is a security/bug fix release and users are highly encouraged to update as soon as possible. Besides that several issues were resolved and some new functionalities were added.

Continue reading

MISP 2.4.120 released (aka the timeline release)

January 21, 2020

MISP 2.4.120 released

A new version of MISP (2.4.120) has been released, including an extension to the data-model adding the first_seen and last_seen values at the attribute and object levels. The user-interface has been extended with a timeline view/editor per event, allowing users to see all occurrences of attributes and objects based on time. A new quick object edit tool has been added, enabling users to easily add new attributes to already existing objects. A long list of bugs were fixed and various improvements were made in the existing features.

Continue reading

MISP 2.4.119 released (aka the quality of life release)

December 4, 2019

MISP 2.4.119 released

A new version of MISP (2.4.119) has been released, including several functionalities that should make the operation of a MISP instance more convenient.

Continue reading

MISP 2.4.118 released (aka the exclusivity tag release and SightingDB support)

November 10, 2019

MISP 2.4.118 released

A new version of MISP (2.4.118) has been release including a functionality that allows for tag exclusivity within taxonomies, the support for external Sighting sources via SightingDB and many fixes.

Continue reading

Visualising common patterns using MISP and ATT&CK data

October 27, 2019

Visualising common patterns using MISP and ATT&CK data

Having access to a large amount of Threat information through MISP Threat Sharing communities gives you outstanding opportunities to aggregate this information and take the process of trying to understand how all this data fits together telling a broader story to the next level. We are transforming technical data or indicators of compromise (IOCs) into cyber threat intelligence. This is where the analytical challenge begins.

Continue reading

MISP 2.4.117 released (aka the the pre-conference season release)

October 11, 2019

MISP 2.4.117 released

A new version of MISP (2.4.117) has been release including major performance improvements in MISP and PyMISP, publish filter emails, throttling restSearch (very useful when you want to limit some users using the API of your MISP instance) and many more improvements.

Continue reading

Benefits of running your own MISP instance

September 25, 2019

Benefits of running your own MISP instance

One topic that regularly pops up during trainings and users that are just getting started with MISP in general is the question of running your own MISP versus using a hosted MISP instance. We have seen a lot of great efforts by ISACs, organisations with national or sectorial responsibilities leading the charge and acting as a central sharing hub for communities.

Continue reading

Search

Tags